e0b2fb75db
Basic tool to help checking Kconfig options against a list of hardening preferences. This tool is available as a kconfig target, so to run it: make/ninja hardenconfig [Flavio Ceolin: Simplify logic and fix python lint issues] Signed-off-by: Lauren Murphy <lauren.murphy@intel.com> Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
1.8 KiB
1.8 KiB
| 1 | HW_STACK_PROTECTION | y |
|---|---|---|
| 2 | INIT_STACKS | n |
| 3 | KERNEL_DEBUG | n |
| 4 | BOOT_BANNER | n |
| 5 | BOOT_DELAY | 0 |
| 6 | EXECUTION_BENCHMARKING | n |
| 7 | THREAD_MONITOR | n |
| 8 | THREAD_NAME | n |
| 9 | STACK_CANARIES | y |
| 10 | EXECUTE_XOR_WRITE | y |
| 11 | STACK_POINTER_RANDOM | 100 |
| 12 | BOUNDS_CHECK_BYPASS_MITIGATION | y |
| 13 | PERFORMANCE_METRICS | n |
| 14 | STATS | n |
| 15 | DEBUG | n |
| 16 | TRACING | n |
| 17 | STACK_USAGE | n |
| 18 | PRINTK | n |
| 19 | EARLY_CONSOLE | n |
| 20 | ASSERT | n |
| 21 | OBJECT_TRACING | n |
| 22 | OVERRIDE_FRAME_POINTER_DEFAULT | y |
| 23 | DEBUG_INFO | n |
| 24 | OPENOCD_SUPPORT | n |
| 25 | TRACING_CPU_STATS | n |
| 26 | TRACING_CTF | n |
| 27 | USE_SEGGER_RTT | n |
| 28 | LOG | n |
| 29 | SHELL | n |
| 30 | TEST_RANDOM_GENERATOR | n |
| 31 | ZTEST | n |
| 32 | TEST | n |
| 33 | TEST_SHELL | n |
| 34 | TEST_EXTRA_STACKSIZE | 0 |
| 35 | TEST_USERSPACE | n |
| 36 | CUSTOM_RODATA_LD | n |
| 37 | CUSTOM_RWDATA_LD | n |
| 38 | CUSTOM_SECTIONS_LD | n |
| 39 | BUILD_OUTPUT_STRIPPED | y |
| 40 | SOC_ATMEL_SAME70_DISABLE_ERASE_PIN | y |
| 41 | SOC_ATMEL_SAME70_WAIT_MODE | n |
| 42 | FAULT_DUMP | 0 |
| 43 | EXCEPTION_DEBUG | n |
| 44 | X86_MMU | y |
| 45 | BUILTIN_STACK_GUARD | y |
| 46 | MPU_STACK_GUARD | y |
| 47 | STACK_SENTINEL | y |